French regulator opens public consultation on GDPR-compliant workplace biometrics rules

France’s digital privacy regulator has launched a public consultation on draft regulation for “biometrics at work,” which seeks to codify the principles of GDPR in French labor law.

The Commission nationale de l’informatique et des libertés (CNIL) notes that legislative changes have been made to French computer laws to allow employers to set up biometric access control devices, conditional on compliance with CNIL regulations. The law also states that those regulations should be developed through consultation with both public and private stakeholders.

The public consultation is open now, and runs through October 1, 2018, according to the announcement.

Attempts by employers to implement biometric time and attendance systems in the context of stringent privacy regulations has been the source of the majority of lawsuits filed in the U.S. under Illinois’ BIPA.

Jumio recently launched an e-book to help businesses assess the compliance of data processors with GDPR, as technology providers grapple with the new regulation.